3. build a registration form to sign up and submit authenticate the users account. action register.php

4. build a sign in form which takes them to the page you want to give them access to. authenticate.php

5. make a dynamic link which changes from login to logout on session_start();

05-15-2013, 12:42 PM

JEMdesigns

Hey Nick.
I know some php coding; however I have never built a registration form or login for php. Can you suggest any tutorials or sites that will assist
Jeff

05-15-2013, 12:45 PM

Nicholas Diaz

all i can suggest is you tube videos.

i could send you the code but you would still have to edit it to work with your site...

05-15-2013, 01:15 PM

JEMdesigns

Sure you can send it and I will have a look at it.

05-18-2013, 11:03 PM

Dragonfire2008

Just an FYI, Lynda.com - PHP and MySQL Essential Training has a section on this, but I think the whole tutorial is something to learn. The login is quite nice and simple.

05-19-2013, 10:10 AM

Nicholas Diaz

Ya I can post code for a login I have but I feel like with out going through it line by line it won't help you.

You need to look up a tutorial on building a login in php basic. Then when you understand that you can add more complexed features to it. This is something you can learn in a day

But then agAin if you just want it done send me a zip file of your site and ill add it for you.Nichodiaz@nichodiaz.com

But... I strongly suggest you take 1 night or day and learn this your self. Once functionality is added it can always be updated or upgraded to something a little more advanced.

The important thing is you go through this once and you never have this problem again.

06-11-2013, 10:03 AM

JEMdesigns

So I have setup all the files needed to login; however when I try to login it does not go anywhere it just gives me a blank screen.
You can have a look a elitekenpo.org/login.php and I have created a test user for test and the password is temp123.

06-11-2013, 10:27 AM

Nicholas Diaz

once you build a login you need to tell the authentication where to direct you at the point of success. or in the case of fail.

there are different ways you can go about this. A few options...

1. it takes you to a page only accessable to people whoa are logged in.
2. it redirects you to any page in the website.
3. a message pops up thats says you have logged in.

remember you want to use php at this point to create a dynamic link which will change from login to logout. the logout button should end session. and when you authenitcate a login in make sure that is has session start at the top of the page.

notice at the top of the authenticate page it has a session_start and at the end of the authenticate.php file it says header then a location and file path. thats where it takes u when u login and when u log out it destroys the session and takes u back to the index.php page

on your page login.php the form action is targeting its self. this means you need the page to contain the equivilant to my authenticate.php file on it. otherwise you could make login.php the page with the login form on it then change the action to submit to a page like my authenticate.php

here is an example of my php script for logging in. this file is called authenticate.php

Okay, so question? Is it possible to put the link in the database so when it accessing the user it will redirect to the page that is displayed in the database. So the client wants that the student only see one page until they complete their belt test and than them or myself would change it to the next belt level page in the database for that student. Is that possible?

06-11-2013, 11:04 AM

Nicholas Diaz

yes there is a few ways to accomplish that. what you would do is add user privileges in the database.

first thing is first. do you understand how to get the login working and the header pointing to the first page you want to direct the user too? once we have this working we can work on the next page

one way of doing this is by adding a column in the database that contains a value. when a user logs in with his username and password we can query the database with php and have it grab the URL stored for the specific user and have him directed to the correct page.

But I would start by making sure we can get your login working first, and im sure we can brain storm a better system than that so you dont have to keep going in to mysql and changing stuff manually.

one option which i recently used for something similar is i added a code field in the registration field. basically the owner of the company has to give you a code for you to register on his website.

we can add a code field and when you log in there can be a place for a code. and you can give out the specific code to the people you want to see which ever page.

but this will also depend on how many pages you have, we should look at the full objective and brain storm a solution that makes sense according to the project.

06-11-2013, 11:36 AM

Strider64

I don't mean to muddy up this even more, but I wrote a nice login/registration tutorial (without authentication though it could easily be implemented).

// A nice password hashing library for PHP 5// Find it here: https://github.com/ircmaxell/password_compat/blob/master/lib/password.php// Read the Documentation for further help:// NOTE: if you're not using PHP 5, there are plenty of // other good password hashing libraries out there ---> JUST GOOGLE IT!require 'includes/password.inc.php';

// Using Regex to check password: if (preg_match("/^.*(?=.{8,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $password) === 0) {$errMsg .= '<p>Password must be at least 8 characters, and must contain at least one lower case letter, one upper case letter and one digit.</p>'; }

// These two statements run the query against your database table.$stmt = $pdo->prepare($query);$result = $stmt->execute($query_params);

// The fetch() method returns an array representing the "next" row from // the selected results, or false if there are no more rows to fetch. return $row = $stmt->fetch(); // If a row was returned, then we know a matching username was found in // the database already and we should return a boolean value back.

}

// Check to see if username is available:$result = isUsernameAvailable($username, $pdo);

try {// Execute the query against the database$stmt = $pdo->prepare($query);$result = $stmt->execute($query_params); } catch(PDOException $ex) {// Note: On a production website, you should not output $ex->getMessage(). // It may provide an attacker with helpful information about your code. die("Failed to run query: " . $ex->getMessage()); }

// This variable tells us whether the user has successfully logged in or not. // We initialize it to false, assuming they have not. // If we determine that they have entered the right details, then we switch it to true.$login_ok = false;

// Retrieve the user data from the database. If $row is false, then the username // they entered is not registered.$row = $stmt->fetch();

// It's not wise to store the password in $_SESSION:unset($row['password']);

// This stores the user's data into the session at the index 'user'. // We will check this index on the private members-only page to determine whether // or not the user is logged in. We can also use it to retrieve // the user's details.$_SESSION['user'] = $row;

// The following output is just to prove that it works:echo '<pre>';print_r($_SESSION); echo '</pre>';

}/* * This was just to help people who are just getting started * learning how to program in the PHP Language. The PDO portion * is written in Object-Oriented Style, but this doesn't mean * that you now know OOP or that you have to use it. It's pretty * straight forward in my opinion. I have tested this out, but I make * no guarantees that it works 100 percent and it diffentely needs * updating/styling. However, that is up to you and besides it's * a good way to learn PHP. */?>

<!--/Display Errors if there are any - using a ternary operator--><?php echo (isset($errMsg)) ? $errMsg : '<h1>Login Page:</h1>'; ?>

This is far from perfect, but I do know one thing that it works. Even if none of the code is used, I think it shows how to go about writing a basic login/registration system in PHP. I didn't take in the part of sanitizing the variables, but it is using PDO prepared statements.

06-11-2013, 11:52 AM

JEMdesigns

Yeah. I got that from you before Strider. And I copied everything over; however it is not logging in. Or I should say it is; however I am getting a blank screen

06-11-2013, 12:20 PM

Nicholas Diaz

that code is not working. its authenticating anything we type in.

u need to make sure you have your database set up correctly.

u need to make sure your declaring the header section upon authentication